stash

core/authentication/tests/v2/test_permissions.py

@@ -1,5 +1,6 @@
-from django.test import TestCase
+from django.test import TestCase, Client
 from django.contrib.auth.models import Permission
+from knox.models import AuthToken
 
 from authentication.models import EventPermission, ExtendedUser
 from inventory.models import Event
@@ -14,17 +15,18 @@ class PermissionsTestCase(TestCase):
         permission1 = Permission.objects.get(codename='view_event')
         EventPermission.objects.create(user=self.user, permission=permission1, event=event1)
         EventPermission.objects.create(user=self.user, permission=permission1, event=event2)
+        self.token = AuthToken.objects.create(user=self.user)
+        self.client = Client(headers={'Authorization': 'Token ' + self.token[1]})
 
     def test_user_permissions(self):
         """
         Test that a user can only access their own data.
         """
-        self.client.force_login(self.user)
         response = self.client.get('/api/2/users/')
         self.assertEqual(response.status_code, 200)
         self.assertEqual(len(response.json()), 2)
-        self.assertEqual(response.json()[0]['username'], 'testuser')
-        self.assertEqual(response.json()[0]['email'], 'test')
+        self.assertEqual(response.json()[0]['username'], 'legacy_user')
+        self.assertEqual(response.json()[0]['email'], 'mail@localhost')
         self.assertEqual(response.json()[0]['first_name'], '')
         self.assertEqual(response.json()[0]['last_name'], '')
         self.assertEqual(response.json()[0]['id'], 1)

core/authentication/tests/v2/test_users.py

@@ -91,3 +91,5 @@ class UserApiTest(TestCase):
         anonymous = Client()
         response = anonymous.post('/api/2/login/', {'username': 'testuser', 'password': 'test'},
                                   content_type='application/json')
+        self.assertEqual(response.status_code, 200)
+        self.assertTrue('token' in response.json())